#!/usr/bin/python3.4
# -*- coding=utf-8 -*-
#本脚由亁颐堂现任明教教主编写，用于乾颐盾Python课程！
#教主QQ:605658506
#亁颐堂官网www.qytang.com
#乾颐盾是由亁颐堂现任明教教主开发的综合性安全课程
#包括传统网络安全（防火墙，IPS...）与Python语言和黑客渗透课程！

from pysnmp.entity import engine, config
from pysnmp.carrier.asynsock.dgram import udp
from pysnmp.entity.rfc3413 import cmdgen


# Create SNMP engine instance
snmpEngine = engine.SnmpEngine()

#
# SNMPv3/USM setup
#
# Error/response reciever
def cbFun(sendRequestHandle,
        errorIndication, errorStatus, errorIndex,
        varBindTable, cbCtx):
    if errorIndication:
        print(errorIndication)
    elif errorStatus:
        print('%s at %s' % (
            errorStatus.prettyPrint(),
            errorIndex and varBindTable[-1][int(errorIndex)-1] or '?'
            )
        )
    else:
        for oid, val in varBindTable:
            print('%s = %s' % (oid, val))

def snmpv3_get(ip,user,hash_key,cry_key,oid,hash_alg=None,cry_alg=None,port=161):
    #usmHMACMD5AuthProtocol - MD5 hashing
    #usmHMACSHAAuthProtocol - SHA hashing
    #usmNoAuthProtocol - no authentication
    #usmDESPrivProtocol - DES encryption
    #usm3DESEDEPrivProtocol - triple-DES encryption
    #usmAesCfb128Protocol - AES encryption, 128-bit
    #usmAesCfb192Protocol - AES encryption, 192-bit
    #usmAesCfb256Protocol - AES encryption, 256-bit
    #usmNoPrivProtocol - no encryption
    if hash_alg == 'md5':
        if cry_alg == None:
            config.addV3User(
                snmpEngine, user,
                config.usmHMACMD5AuthProtocol, hash_key,
                config.usmNoPrivProtocol, cry_key
            )
        elif cry_alg == 'des':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACMD5AuthProtocol, hash_key,
                config.usmDESPrivProtocol, cry_key
            )
        elif cry_alg == '3des':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACMD5AuthProtocol, hash_key,
                config.usm3DESEDEPrivProtocol, cry_key
            )
        elif cry_alg == 'aes':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACMD5AuthProtocol, hash_key,
                config.usmAesCfb128Protocol, cry_key
            )
        elif cry_alg == 'aes-192':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACMD5AuthProtocol, hash_key,
                config.usmAesCfb192Protocol, cry_key
            )
        elif cry_alg == 'aes-256':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACMD5AuthProtocol, hash_key,
                config.usmAesCfb256Protocol, cry_key
            )
        else:
            print('输入的加密算法格式有误')
    elif hash_alg == 'sha':
        if cry_alg == None:
            config.addV3User(
                snmpEngine, user,
                config.usmHMACSHAAuthProtocol, hash_key,
                config.usmNoPrivProtocol, cry_key
            )
        elif cry_alg == 'des':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACSHAAuthProtocol, hash_key,
                config.usmDESPrivProtocol, cry_key
            )
        elif cry_alg == '3des':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACSHAAuthProtocol, hash_key,
                config.usm3DESEDEPrivProtocol, cry_key
            )
        elif cry_alg == 'aes':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACSHAAuthProtocol, hash_key,
                config.usmAesCfb128Protocol, cry_key
            )
        elif cry_alg == 'aes-192':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACSHAAuthProtocol, hash_key,
                config.usmAesCfb192Protocol, cry_key
            )
        elif cry_alg == 'aes-256':
            config.addV3User(
                snmpEngine, user,
                config.usmHMACSHAAuthProtocol, hash_key,
                config.usmAesCfb256Protocol, cry_key
            )
        else:
            print('输入的加密算法格式有误')
    elif hash_alg == None:
        if cry_alg == None:
            config.addV3User(
                snmpEngine, user,
                config.usmNoAuthProtocol, hash_key,
                config.usmNoPrivProtocol, cry_key
            )
        elif cry_alg == 'des':
            config.addV3User(
                snmpEngine, user,
                config.usmNoAuthProtocol, hash_key,
                config.usmDESPrivProtocol, cry_key
            )
        elif cry_alg == '3des':
            config.addV3User(
                snmpEngine, user,
                config.usmNoAuthProtocol, hash_key,
                config.usm3DESEDEPrivProtocol, cry_key
            )
        elif cry_alg == 'aes':
            config.addV3User(
                snmpEngine, user,
                config.usmNoAuthProtocol, hash_key,
                config.usmAesCfb128Protocol, cry_key
            )
        elif cry_alg == 'aes-192':
            config.addV3User(
                snmpEngine, user,
                config.usmNoAuthProtocol, hash_key,
                config.usmAesCfb192Protocol, cry_key
            )
        elif cry_alg == 'aes-256':
            config.addV3User(
                snmpEngine, user,
                config.usmNoAuthProtocol, hash_key,
                config.usmAesCfb256Protocol, cry_key
            )
        else:
            print('输入的加密算法格式有误')
    else:
        print('输入的散列算法格式有误')

    if hash_alg == None and cry_alg == None:
        config.addTargetParams(snmpEngine, 'my-creds', 'qytanguser', 'noAuthNoPriv')
    elif hash_alg != None and cry_alg == None:
        config.addTargetParams(snmpEngine, 'my-creds', 'qytanguser', 'authNoPriv')
    elif hash_alg != None and cry_alg != None:
        config.addTargetParams(snmpEngine, 'my-creds', 'qytanguser', 'authPriv')
    else:
        print('仅仅做加密，不做完整性校验是不支持的！')


#
# Setup transport endpoint and bind it with security settings yielding
# a target name (choose one entry depending of the transport needed).
#

# UDP/IPv4

    config.addSocketTransport(
        snmpEngine,
        udp.domainName,
        udp.UdpSocketTransport().openClientMode()
    )

    config.addTargetAddr(
        snmpEngine, 'my-router',
        udp.domainName, (ip, port),
        'my-creds'
    )


# Prepare and send a request message
    cmdgen.GetCommandGenerator().sendReq(
        snmpEngine,
        'my-router',
        ( (oid, None), ),
        cbFun
    )

# Run I/O dispatcher which would send pending queries and process responses
    snmpEngine.transportDispatcher.runDispatcher()

if __name__ == '__main__':
    snmpv3_get('202.100.1.1','qytanguser','12345678','87654321',(1,3,6,1,2,1,1,1,0),'md5','des',161)

===========================================================
[root@Fedora hacker]# ./snmpv3_get.py 
1.3.6.1.2.1.1.1.0 = Cisco IOS Software, 7200 Software (C7200-ADVENTERPRISEK9-M), Version 15.2(4)S, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Fri 20-Jul-12 15:03 by prod_rel_team